• How to disable the File Upload/Download exploit
It's really simple. Go to
[code]steam/steamapps/<your profile>/garrysmod/bin[/code]
[highlight]Overwrite the engine.dll in your server's orangebox/bin folder with the one from your garrysmod/bin folder.[/highlight]
Go to your server.cfg on your server and edit it so it has the following commands in it.
[code]sv_allowdownload 0
sv_allowupload 0[/code]
[b]Holy fucking shit, that was so hard. You did it![/b]

If you cannot manage to find the correct engine.dll, I have uploaded it on my site. Remember that all of Valve's engine.dlls are the same filesize; you need to check the digital signature through Right Click>Properties and make sure it was built in September or later.
[url]http://www.exiledservers.net/files/garrysmod/engine.dll[/url]

Now, if you still want to have server downloads (maps, materials, lua, models, sounds) you need to set up a sv_downloadurl. If you run a popular server there is no reason for not doing this other than laziness or ignorance. Here is some documentation on sv_downloadurl; I am not helping you with this.
[url]http://wiki.garrysmod.com/?title=Setting_up_sv_downloadurl[/url]
[url]http://forums.srcds.com/viewtopic/1077[/url]
[url]http://forums.alliedmods.net/showthread.php?t=21331[/url]
[url]http://forums.counter-strike.com/installation-tweaking/1361-guide-setting-up-sv_downloadurl-fast-map-downloads.html[/url]
[url]http://forums.eventscripts.com/viewtopic.php?t=516[/url]
[url]http://developer.valvesoftware.com/wiki/Sv_downloadurl[/url]
[url]http://forums.tf2maps.net/showthread.php?t=3336[/url]
[b]You do not need sv_allowdownload or sv_allowupload set to 1 to use a downloadurl; if any tutorials say to do this, IGNORE IT.[/b]

Here are some webhosts I recommend from some experience with them.
[url]www.bluehost.com[/url]
[url]www.x10hosting.com[/url] (They have some odd rules and policies though, they offer free hosting)
[url]www.arvixe.com[/url]
[url]www.servage.net[/url]
[url]www.hostgator.com[/url] (Some people hate it, some people like it)
I'm Teddi and I approve of this method. (Because unlike D-FENS, this actually works)
Thanks sadistic, this'll help keep the DarkRP servers up and running 24/7 now. [i]You need to post the source to the engine.dll if you don't want to get banned by garry, or worse[/i]
That explains for the nubs how to avoid getting haxed lol :D
[QUOTE=Lau;18755176][i]You need to post the source to the engine.dll if you don't want to get banned by garry, or worse[/i][/QUOTE]
It's your choice if you download it or not, I really don't care. It's the dll I am using on my servers, it works for me.
Agree'd, this works.
[QUOTE=Lau;18755176]Thanks sadistic, this'll help keep the DarkRP servers up and running 24/7 now. [i]You need to post the source to the engine.dll if you don't want to get banned by garry, or worse[/i][/QUOTE]
It's the same as the engine.dll from a client's copy of Gmod.
I'd like to remind you that if your server has been exploited, don't forget to check all the autorun scripts for malicious code. There still might be one or two files uploaded deep into the addons or lua folders. Even if you fix and disable the upload exploit, they can still execute commands on your server if there are any uploaded luas left. These are the common folders which exploiters upload their lua to (in my case, all the uploaded luas were in these folders; I found 18 malicious lua files after I brought down my servers):
[code]garrysmod/lua/autorun/
garrysmod/lua/autorun/server
garrysmod/addons/derma/lua/autorun
garrysmod/addons/derma/lua/autorun/server
garrysmod/addons/assmod/lua/autorun
garrysmod/addons/assmod/lua/autorun/server[/code]
- Xev
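One way to do the check Xev describes without eyeballing every folder is to hash the autorun directories on a known-clean install and diff against that baseline after an incident. The script below is an added example, not code from anyone in this thread; it uses the six autorun paths from the post, and the server tree, file names and contents it scans are constructed in a temporary directory for demonstration.

```python
"""Baseline check for Garry's Mod Lua autorun directories.

Added example, not code from the thread: hash every .lua file under the
autorun paths Xev listed, then diff against a baseline taken from a
known-clean install. The server tree and its files are constructed here.
"""
import hashlib
import os
import shutil
import tempfile

# Autorun locations from the post, relative to the server root. Walking a
# parent directory also covers its "server" subfolder; the dict dedupes.
AUTORUN_DIRS = [
    "garrysmod/lua/autorun",
    "garrysmod/lua/autorun/server",
    "garrysmod/addons/derma/lua/autorun",
    "garrysmod/addons/derma/lua/autorun/server",
    "garrysmod/addons/assmod/lua/autorun",
    "garrysmod/addons/assmod/lua/autorun/server",
]


def sha256_of(path):
    """SHA-256 hex digest of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root, dirs=AUTORUN_DIRS):
    """Map each .lua file (path relative to root) to its SHA-256."""
    result = {}
    for rel_dir in dirs:
        base = os.path.join(root, rel_dir)
        if not os.path.isdir(base):
            continue
        for dirpath, _, files in os.walk(base):
            for name in files:
                if not name.lower().endswith(".lua"):
                    continue
                full = os.path.join(dirpath, name)
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                result[rel] = sha256_of(full)
    return result


def compare(baseline, current):
    """Return (added, modified, removed) lists of relative paths."""
    added = sorted(p for p in current if p not in baseline)
    modified = sorted(p for p in current if p in baseline and current[p] != baseline[p])
    removed = sorted(p for p in baseline if p not in current)
    return added, modified, removed


def demo():
    """Constructed scenario: clean baseline, then one planted and one tampered file."""
    root = tempfile.mkdtemp()
    try:
        def write(rel, text):
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w") as f:
                f.write(text)

        # Known-clean state (sample file names, not real addon code).
        write("garrysmod/lua/autorun/server/legit_init.lua", "print('server init')\n")
        write("garrysmod/addons/assmod/lua/autorun/assmod.lua", "-- ASSmod loader (sample)\n")
        baseline = snapshot(root)

        # Simulated post-compromise state: a dropped file and a modified one.
        write("garrysmod/addons/derma/lua/autorun/server/dropped.lua", "-- unexpected file\n")
        write("garrysmod/lua/autorun/server/legit_init.lua", "print('server init')\n-- appended\n")
        return compare(baseline, snapshot(root))
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    added, modified, removed = demo()
    for label, items in (("NEW", added), ("CHANGED", modified), ("MISSING", removed)):
        for path in items:
            print(f"{label:8} {path}")
```

In practice you would pickle or JSON-dump `snapshot()` of the clean install and keep it off the game server, then run `compare()` against a fresh snapshot whenever you suspect an upload; anything listed as NEW or CHANGED in an autorun folder deserves a read before the server goes back up.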
well done Teddi, now i can start The Great Forge's GMod Server again. - Robin
A man named wizard of shiron or something like that came into my server, made himself admin, then godded himself and told me about this thread, to 'fix the exploit he was using'. I didn't ban him though, he just sat there and did things like any other non-admin player did. Then I saw 'Console: see you my minions. I have to illuminate more servers.' Hah, well done bud, and thanks for the help. -Ajax/Danish
[QUOTE=Illegal Danish;18758555]A man named wizard of shiron or something like that came into my server, made himself admin, then godded himself and told me about this thread, to 'fix the exploit he was using'. I didn't ban him though, he just sat there and did things like any other non-admin player did. Then I saw 'Console: see you my minions. I have to illuminate more servers.' Hah, well done bud, and thanks for the help. -Ajax/Danish[/QUOTE]
If only the people who originally attacked my servers were like that :/
[QUOTE=infinitywrai;18759448]If only the people who originally attacked my servers were like that :/[/QUOTE]
Someone told me this after the craze hit. I decided to try it out to download someone's server.cfg to see how it worked. All I got was "Sorry, your server.cfg is not here, try another castle". I couldn't help but laugh :3:
It seems to be causing extreme lag spikes, not sure if it's the engine.dll though. Might also be some files that some exploiter has uploaded, which are causing this.
Wait, so this stops you from having other people download files from your server, or from you downloading things from servers you join?
Do lua files still get downloaded with sv_allowdownload set to 0?
Thanks, idiots (and I know who) have been raiding my server lately.
I'm just curious, but what danger is there in allowing downloads, but just not uploads? As opposed to blocking both, and hosting the downloads elsewhere?
Okay, there really is no reason to even be asking questions like "what if I just keep sv_allowdownload on and upload 0..." Buy a downloadurl. They're cheap and I can guarantee you will get more players because they don't have to take a year to download files.
Or use a server host that automatically does all the work to make sv_downloadurl do its thing. (xenonservers)
EDIT: Dave, that would mean not being able to USE rcon, which is retarded.
[QUOTE=DDooby;18763774]It seems to be causing extreme lag spikes, not sure if it's the engine.dll though. Might also be some files that some exploiter has uploaded, which are causing this.[/QUOTE]
I'm getting the exact same thing. A guy came on my server, rooted around the server files, told me about the exploit, showed evidence by pasting stuff from my server.cfg, and ever since then my server lags very badly. If you find out how to fix this please tell me.
[editline]12:03AM[/editline]
[QUOTE=Dave_Parker;18768590]People can download your server.cfg and find out your rcon password. And no, hiding it in other cfgs won't help, because those will have to be executed somewhere and those can be downloaded too. Or just do rcon_password ""[/QUOTE]
If you wish to hide your rcon password, apply it on the command line (and obviously remove it from server.cfg).
[QUOTE=Potatomato;18766929]Wait, so this stops you from having other people download files from your server, or from you downloading things from servers you join?[/QUOTE]
This stops all uploading and downloading from the gameserver; all downloading by clients should be handled with a downloadurl anyway. All this does is disable sprays, clients will still download files correctly because their requests are being redirected to a website (sv_downloadurl) instead of being sent at 10kb/s from the server to the client.

[QUOTE=Donkie;18767617]Do lua files still get downloaded with sv_allowdownload set to 0?[/QUOTE]
You need a downloadurl.

[QUOTE=NikoKun;18768318]I'm just curious, but what danger is there in allowing downloads, but just not uploads? As opposed to blocking both, and hosting the downloads elsewhere?[/QUOTE]
They can download files from anywhere on your server, you obviously don't want this.

[QUOTE=X1L3D;18768890]Okay, there really is no reason to even be asking questions like "what if I just keep sv_allowdownload on and upload 0..." Buy a downloadurl. They're cheap and I can guarantee you will get more players because they don't have to take a year to download files.[/QUOTE]
sv_downloadurls also allow the client to download at their max download speed (1mb/s instead of 10-20kb/s with a cable connection).

[QUOTE=Bletotum;18769983]Or use a server host that automatically does all the work to make sv_downloadurl do its thing. (xenonservers) EDIT: Dave, that would mean not being able to USE rcon, which is retarded.[/QUOTE]
Rcon isn't that useful to most people, anything you really want to do can normally be done with a command in lua.
[QUOTE=infinitywrai;18759448]If only the people who originally attacked my servers were like that :/[/QUOTE]
Yeah, whenever someone makes themselves admin on my servers they end up unbanning everyone, then banning everyone in the server and leaving.
[editline]09:59PM[/editline]
Is keeping rcon enabled safe if I'm using the downloadurl? I like to be able to use HLSW to deal with some issues without having to boot up Garry's Mod.
[QUOTE=DiscoBiscut;18776916]Yeah, whenever someone makes themselves admin on my servers they end up unbanning everyone, then banning everyone in the server and leaving. [editline]09:59PM[/editline] Is keeping rcon enabled safe if I'm using the downloadurl? I like to be able to use HLSW to deal with some issues without having to boot up Garry's Mod.[/QUOTE]
Are you uploading your server.cfg to your downloadurl or are you hosting the website on the same computer? You obviously don't want to upload your entire server to the downloadurl...
[QUOTE=slayer3032;18777397]Are you uploading your server.cfg to your downloadurl or are you hosting the website on the same computer? You obviously don't want to upload your entire server to the downloadurl...[/QUOTE]
I have server.cfg and a few addons and maps on a separate server from my game server.
Here are the fixes I performed on my server: I renamed my real server.cfg and executed the cfg via the command line. I disabled RCON by doing rconpassword = "". I disallowed uploads. The only way they could get the rcon file now is to guess the name :/
Easiest thing: Do not use Rcon. Anything you want to use can be run with lua_run or game.ConsoleCommand("insertcmdhere\n"). Rcon is pretty much the most insecure thing ever made and it can be pretty straightforward to get, especially in Gmod.
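The settings the OP asks for (sv_allowupload 0, sv_allowdownload 0, a sv_downloadurl) and Dave_Parker's point that an rcon_password hidden in an exec'd cfg is still downloadable can both be checked mechanically before a server goes live. The audit script below is an added example, not code from any post in this thread. It reads a cfg the way the engine does (one command per line, optional quoted values, `//` comments only outside quotes), follows `exec` into the same directory, and reports the weak settings; the two sample configs, the hostname, the FastDL URL and the password in them are constructed placeholders.

```python
"""Audit a server.cfg for the settings discussed in this thread.

Added example, not from any post: reads a cfg the way the engine does (one
command per line, optional "quoted" values, '//' comments outside quotes),
follows 'exec other.cfg' into the same directory, and reports
sv_allowupload/sv_allowdownload not 0, a missing sv_downloadurl, and any
non-empty rcon_password reachable through exec. Sample cfgs are constructed.
"""
import os
import shutil
import tempfile


def tokenize(line):
    """Split one cfg line into tokens; '//' starts a comment only outside quotes."""
    tokens, cur, in_quote = [], "", False
    i = 0
    while i < len(line):
        c = line[i]
        if in_quote:
            if c == '"':
                in_quote = False
                tokens.append(cur)        # keeps "" as an explicit empty value
                cur = ""
            else:
                cur += c
        elif c == '"':
            in_quote = True
            if cur:
                tokens.append(cur)
                cur = ""
        elif line.startswith("//", i):    # comment: rest of the line is ignored
            break
        elif c.isspace():
            if cur:
                tokens.append(cur)
                cur = ""
        else:
            cur += c
        i += 1
    if cur or in_quote:
        tokens.append(cur)
    return tokens


def load_cfg(cfg_dir, name, seen=None):
    """Yield (file, command, value) for a cfg and every cfg it execs."""
    seen = set() if seen is None else seen
    if name in seen or not os.path.isfile(os.path.join(cfg_dir, name)):
        return                            # missing file or exec loop
    seen.add(name)
    with open(os.path.join(cfg_dir, name), encoding="utf-8", errors="replace") as f:
        for line in f:
            toks = tokenize(line)
            if not toks:
                continue
            cmd, val = toks[0].lower(), (toks[1] if len(toks) > 1 else "")
            yield name, cmd, val
            if cmd == "exec":             # the engine appends .cfg when it is omitted
                yield from load_cfg(cfg_dir, val if val.lower().endswith(".cfg") else val + ".cfg", seen)


def audit(cfg_dir, entry="server.cfg"):
    """Return findings; the last assignment of a cvar wins, as in the engine."""
    last = {}
    for fname, cmd, val in load_cfg(cfg_dir, entry):
        last[cmd] = (fname, val)
    findings = []
    for cvar in ("sv_allowupload", "sv_allowdownload"):
        where, val = last.get(cvar, (entry, None))
        if val is None:
            findings.append(f"{cvar} not set in {entry}: engine default applies, set it to 0")
        elif val.strip() != "0":
            findings.append(f"{cvar} is {val!r} in {where}: set it to 0")
    if last.get("sv_allowdownload", ("", "1"))[1].strip() == "0" and not last.get("sv_downloadurl", ("", ""))[1].strip():
        findings.append("sv_allowdownload is 0 but sv_downloadurl is unset: clients cannot fetch custom content")
    where, rcon = last.get("rcon_password", ("", ""))
    if rcon.strip():
        findings.append(f"rcon_password set in {where}: exec'd cfgs are downloadable, pass it on the command line or set it empty")
    return findings


# Constructed sample configs; hostname, URL and password are placeholders.
WEAK_CFG = {
    "server.cfg": 'hostname "Demo"\nsv_allowupload 1\nsv_allowdownload 1\nexec secret.cfg\n',
    "secret.cfg": '// "hidden" password, still downloadable\nrcon_password "hunter2"\n',
}
FIXED_CFG = {
    "server.cfg": 'hostname "Demo"\nsv_allowupload 0\nsv_allowdownload 0\n'
                  'sv_downloadurl "http://fastdl.example.invalid/garrysmod" // placeholder\n'
                  'rcon_password ""\n',
}


def run_demo(files):
    """Write the sample cfgs to a temp dir and audit them."""
    d = tempfile.mkdtemp()
    try:
        for name, text in files.items():
            with open(os.path.join(d, name), "w") as f:
                f.write(text)
        return audit(d)
    finally:
        shutil.rmtree(d)


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CFG), ("fixed", FIXED_CFG)):
        print(label, run_demo(cfg) or ["no findings"])
```

Run against a real install, point `audit()` at the server's cfg directory; the `exec` following is what catches the "hide it in another cfg" pattern, since every file the server can exec sits in the same downloadable tree.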
well teddi lemme tell you that you can't patch the unpatchable lol
It's patchable.
or so you think ;)
Or so I know.